Malware has compromised tens of thousands of devices to mine cryptocurrency and steal funds, yet it has only managed to secure around $6,000.
On 8 October, cybersecurity firm Doctor Web reported the detection of malware masquerading as legitimate software, including office applications, gaming cheats, and online trading bots.
This cryptojacking and theft software has infected over 28,000 users, primarily in Russia, with additional cases in Belarus, Uzbekistan, Kazakhstan, Ukraine, Kyrgyzstan, and Turkey.
While the hackers collected about $6,000 worth of cryptocurrency, it remains unclear how much the malware's creator may have gained from crypto mining.
Doctor Web noted that the malware was distributed through fraudulent GitHub pages and malicious links in YouTube video descriptions.
Once a device is compromised, the stealthy software hijacks computing resources for mining.
Additionally, a component known as a "Clipper" monitors the clipboard for cryptocurrency wallet addresses, replacing them with those controlled by the attackers, facilitating their small-scale theft.
The malware employs advanced techniques to evade detection, including using password-protected archives to avoid antivirus scans, disguising harmful files as legitimate system components, and executing malicious scripts with authorised software.
Doctor Web advised that many victims fell prey by installing pirated versions of popular programmes and recommended obtaining software only from official sources.
Clipboard-changing malware has existed for years, gaining significant traction following the 2017 cryptocurrency bull market.
It is a type of malicious software that sneaks onto your computer or phone and secretly alters the information you copy to your clipboard (the place where data is temporarily stored when you cut or copy text).
For example, if you copy a cryptocurrency wallet address to send money, the malware can replace it with a different address.
This means that, instead of sending your money to the intended person, it gets sent to the criminal's account.
This increased complexity makes them more dangerous and difficult to detect, posing a growing threat to unsuspecting users, especially in financial transactions like cryptocurrency transfers.
Over time, these malicious programmes have evolved, becoming more sophisticated by incorporating clipboard hijacking with other harmful features.
A well-known financial blogger said that the Biden administration’s informal regulation requiring banks to limit crypto deposits to no more than 15% may lead to a wave of panic runs among customers.
AlexVitalik Buterin has proposed creating metrics to evaluate how closely projects align with Ethereum's core values. He highlighted that achieving "Ethereum alignment" poses a significant social challenge within the ecosystem, but acknowledged that this endeavour will not be easy.
KikyoMicrosoft is relaunching its AI-powered Recall program with enhanced privacy features after initial concerns over user surveillance led to its delay. The new version will allow users to filter out sensitive information, require Windows Hello authentication, and operate on an opt-in basis, ensuring greater control over their data.
AnaisFTX has unexpectedly changed its payout plans, allocating only 10-25% of recovered assets to crypto holders while setting aside $230 million for preferred shareholders. Many creditors are outraged, feeling blindsided by these revisions and frustrated that reimbursements are based on much lower asset prices from the time of bankruptcy.
JoyTether recently teamed up with the US Department of Justice to recover $6 million in crypto assets tied to scams in Southeast Asia, where fraudsters posed as legitimate exchanges to defraud victims.
CatherineTelegram has committed to a zero-tolerance policy for deepfake pornography and illegal content in South Korea after concerns about manipulated images of women. This partnership with the Korea Communications Standards Commission aims to quickly remove harmful material and protect victims, as over 800 individuals have already been affected this year.
WeatherlyMatrixport has acquired Crypto Finance's asset management division, rebranding it as Matrixport Asset Management AG to enhance its services and expand its regulatory presence in Europe. The acquisition allows Matrixport to offer innovative, compliant crypto investment solutions, further solidifying its position in the digital asset market.
AnaisWorld Liberty Financial, backed by the Trump family, has launched the KYC process for its WLFI tokens. Accredited US investors and non-US participants can join, while US retail investors are excluded due to regulations. The project hopes to expand access to all US users in the future.
CatherineAs blockchain and crypto adoption rises globally, more users are seeking quick profits. Over the past year, more than 250 individuals in the UK lost over $650,000 to fraudulent Bybit demo accounts. Investigations into these scams are being conducted by blockchain expert ZachXBT.
KikyoIndian YouTuber Ranveer Allahbadia, known as Beer Biceps, experienced a significant cyber attack that resulted in hackers renaming his channels to names associated with Elon Musk, Trump, and Tesla, while deleting most of his content. Fortunately, his channels were restored shortly after, prompting him to emphasize the importance of cybersecurity to his followers.
Anais